Phase III Task 4

7 years ago · b1d7bc8665
3 changed files with 49 additions and 29 deletions
--- a/1
+++ b/1
@ -0,0 +1 @@
 no token found
--- a/nginx2/html/index.html
+++ b/nginx2/html/index.html
@ -7,11 +7,11 @@
          </div>
          <form method="post" action="http://localhost:3001/token" novalidate>
            <div class="form-field" style="background-color:black; color:white; padding:20px; left:50%; ">
-              <label for="message">Username</label>
+              <label for="username">Username</label>
              <input class="input" id="username" name="username" autofocus >
            </div>
            <div class="form-field" style="background-color:black; color:white; padding:20px; left:50%; ">
-              <label for="email">Password</label>
+              <label for="username">Password</label>
              <input class="input" id="password" name="password" type="password" value="" />
            </div>
            <div class="form-actions" style="background-color:black; color:white; padding:20px; left:50%; ">
--- a/node/app.js
+++ b/node/app.js
@ -14,9 +14,21 @@ const colors = require('colors');
 const secret = 'wowmuchsecretveryhiddenwow'; 
 // const morgan = require('morgan');
-// use morgan to log requests to the console
+// // use morgan to log requests to the console
 // app.use(morgan('dev'));
 // global controller
 // app.get('/*',function(req,res,next){
 //   res.header.token = 'sample-token';
 //   next(); // http://expressjs.com/guide.html#passing-route control
 // });
 // a middleware with no mount path; gets executed for every request to the app
 // app.use(function(req, res, next) {
 //   res.setHeader('charset', 'utf-8')
 //   next();
 // });
 // database connection (with retries)
 const options = {
  autoIndex: false, // Don't build indexes
@ -69,11 +81,14 @@ var testSchema = new Schema({
 var thingies = mongoose.model('thingieName', testSchema);
 // Default message for testing
-app.get('/', (req, res)=>{
+app.get('/', (req, res, next)=>{
  res.json([{message:'yes, your nodejs app is really running'}]);
  counter++; // for prometheus invocation_count metric
  libCounter.inc(); // for prometheus lib_invocation_count metric
-  console.log('Hello, I\'m inside endpoint \'/\''.green);
+  console.log('Hello, I\'m inside endpoint \'/\'');
  console.log('HTTP headers below:');
  console.log(req.headers);
  next();
 });
 // Test endpoint for md files rendering
@ -126,15 +141,12 @@ app.post('/token', function(req, res) {
    scope: 'user' 
  };
  let token = '';
  switch(req.body.username) {
      case 'user1':
      if (req.body.password === 'pass1') {
          token = jwt.sign(claims_user, secret);
          console.log('JWT Token: ' + token);
          console.log(jwt.decode(token));
          // req.headers['access-token'] = token;
          res.redirect('http://localhost/yay.html');
      } else {
          res.redirect('http://localhost/nay.html');
@ -145,7 +157,6 @@ app.post('/token', function(req, res) {
          token = jwt.sign(claims_power, secret);
          console.log('JWT Token: ' + token);
          console.log(jwt.decode(token));
          // req.headers['access-token'] = token;
          res.redirect('http://localhost/yay.html');
      } else {
      res.redirect('http://localhost/nay.html');
@ -160,28 +171,36 @@ app.post('/token', function(req, res) {
 // Restricted route
-// const restrictedRoutes = express.Router();
+const restrictedRoutes = express.Router();
-// app.use('/restricted', restrictedRoutes);
+app.use('/restricted', restrictedRoutes);
-
+
-// restrictedRoutes.use((req, res, next) => {
+restrictedRoutes.use((req, res) => {
-//   if (req.headers['access-token']) {
+  if (req.headers['token']) {
-//     jwt.verify(req.headers['access-token'], secret), (err, decoded) => {
+    jwt.verify(req.headers['token'], secret), (err, decoded) => {
-//       if (err) {
+      if (err) {
-//         return res.json({ message: 'invalid token' });
+        return res.json({ message: 'invalid token' });
-//       } else {
+      } else {
-//         req.decoded = decoded;
+        req.decoded = decoded;
-//         next();
+      }
-//       }
+    }
-//     }
+  } else {
-//   } else {
+    res.status(500).send('no token found');
-//     res.status(500).send('no token found');
+  }
-//   }
+});
 // });
 // Restricted endpoint
-// restrictedRoutes.get('/restricted', (req, res) => {
+restrictedRoutes.get('/restricted', (req, res) => {
-//   res.json([{secret:'you can see this message if you have access'}])
+  res.json([{secret:'you can see this message if you have access'}])
-// });
+});
 // JWT decode test
 app.get('/decode', function(req, res){
  if (req.headers['token']) {
    var decode = jwt.verify(req.headers['token'], secret);
    console.log(decode);
    res.status(200).send('success');
  }
 })
 // Mongo query
 app.get('/info', function(req, res){